From be337ada2a3b43c23d9b8424dd1efba73912d754 Mon Sep 17 00:00:00 2001 From: Jakub Czyz Date: Tue, 3 Jun 2025 11:23:47 +0200 Subject: [PATCH 1/6] deploy to new service --- ...r-034191ad-ad96-46a0-be7b-7aea280e210d.yml | 71 +++++++++++-------- 1 file changed, 41 insertions(+), 30 deletions(-) diff --git a/.github/workflows/pdf-service-api-AutoDeployTrigger-034191ad-ad96-46a0-be7b-7aea280e210d.yml b/.github/workflows/pdf-service-api-AutoDeployTrigger-034191ad-ad96-46a0-be7b-7aea280e210d.yml index b951c6c..6bd6770 100644 --- a/.github/workflows/pdf-service-api-AutoDeployTrigger-034191ad-ad96-46a0-be7b-7aea280e210d.yml +++ b/.github/workflows/pdf-service-api-AutoDeployTrigger-034191ad-ad96-46a0-be7b-7aea280e210d.yml @@ -1,22 +1,20 @@ name: Trigger auto deployment for pdf-service-api -# When this action will be executed on: - # Automatically trigger it when detected changes in repo push: - branches: - [ master ] + branches: [master] paths: - - '**' - - '.github/workflows/pdf-service-api-AutoDeployTrigger-034191ad-ad96-46a0-be7b-7aea280e210d.yml' + - "**" + - ".github/workflows/pdf-service-api-AutoDeployTrigger-034191ad-ad96-46a0-be7b-7aea280e210d.yml" + workflow_dispatch: - # Allow mannually trigger - workflow_dispatch: +env: + acr: crbccplatformprod jobs: build: runs-on: ubuntu-latest - + environment: prod steps: - name: Checkout to the branch uses: actions/checkout@v2 @@ -24,46 +22,59 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v1 - - name: Log in to container registry - uses: docker/login-action@v1 + - name: Azure login + uses: azure/login@v1 with: - registry: bccplatform.azurecr.io - username: ${{ secrets.PDFSERVICEAPI_REGISTRY_USERNAME }} - password: ${{ secrets.PDFSERVICEAPI_REGISTRY_PASSWORD }} + client-id: ${{ vars.AZURE_CLIENT_ID }} + tenant-id: ${{ vars.AZURE_TENANT_ID }} + subscription-id: ${{ vars.AZURE_SUBSCRIPTION_ID }} - - name: Build and push container image for service to registry - uses: docker/build-push-action@v2 + - name: Getting Credentials for Azure Container Registry + id: acr + uses: Azure/cli@v1.0.7 with: - push: true - tags: bccplatform.azurecr.io/pdf-service:${{ github.sha }} - file: ./Dockerfile - context: ./ + inlineScript: | + echo "login<> $GITHUB_OUTPUT + echo "$(az acr login --name ${{env.acr}} --expose-token)" >> $GITHUB_OUTPUT + echo "EOF" >> $GITHUB_OUTPUT + + - name: Login to Azure Container Registry + uses: docker/login-action@v2 + with: + registry: ${{ fromJSON(steps.acr.outputs.login).loginServer }} + username: "00000000-0000-0000-0000-000000000000" + password: ${{ fromJSON(steps.acr.outputs.login).accessToken }} - - name: Build and push container image for proxy to registry - uses: docker/build-push-action@v2 + - name: Build and push container image to registry + uses: docker/build-push-action@v3 with: + context: ./ push: true - tags: bccplatform.azurecr.io/pdf-service-proxy:${{ github.sha }} - file: ./proxy/BccCode.PdfServer.Proxy/Dockerfile - context: ./proxy/BccCode.PdfServer.Proxy/ + tags: | + ${{ env.acr }}.azurecr.io/pdf-service:${{ github.sha }} + - name: Build and push container image to registry + uses: docker/build-push-action@v3 + with: + context: ./proxy/BccCode.PdfServer.Proxy/ + push: true + tags: | + ${{ env.acr }}.azurecr.io/pdf-service-proxy:${{ github.sha }} deploy: runs-on: ubuntu-latest needs: build - + steps: - name: Azure Login uses: azure/login@v1 with: creds: ${{ secrets.PDFSERVICEAPI_AZURE_CREDENTIALS }} - - name: Deploy to containerapp uses: azure/CLI@v1 with: inlineScript: | az config set extension.use_dynamic_install=yes_without_prompt - az containerapp registry set -n pdf-service -g pdf-service-prod --server bccplatform.azurecr.io --username ${{ secrets.PDFSERVICEAPI_REGISTRY_USERNAME }} --password ${{ secrets.PDFSERVICEAPI_REGISTRY_PASSWORD }} - az containerapp update -n pdf-service -g pdf-service-prod --container-name pdf-service --image bccplatform.azurecr.io/pdf-service:${{ github.sha }} - az containerapp update -n pdf-service -g pdf-service-prod --container-name pdf-service-proxy --image bccplatform.azurecr.io/pdf-service-proxy:${{ github.sha }} + az containerapp update -n ca-pdf -g pdf-prod --container-name pdf-service --image ${{ env.acr }}.azurecr.io/pdf-service:${{ github.sha }} + az containerapp update -n ca-pdf -g pdf-prod --container-name pdf-service-proxy --image ${{ env.acr }}.azurecr.io/pdf-service-proxy:${{ github.sha }} From c969fc1c9c1899381648e3654b8b2b5b3e1fc126 Mon Sep 17 00:00:00 2001 From: Jakub Czyz Date: Tue, 3 Jun 2025 11:25:02 +0200 Subject: [PATCH 2/6] add github token --- ...AutoDeployTrigger-034191ad-ad96-46a0-be7b-7aea280e210d.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/pdf-service-api-AutoDeployTrigger-034191ad-ad96-46a0-be7b-7aea280e210d.yml b/.github/workflows/pdf-service-api-AutoDeployTrigger-034191ad-ad96-46a0-be7b-7aea280e210d.yml index 6bd6770..d56aaa7 100644 --- a/.github/workflows/pdf-service-api-AutoDeployTrigger-034191ad-ad96-46a0-be7b-7aea280e210d.yml +++ b/.github/workflows/pdf-service-api-AutoDeployTrigger-034191ad-ad96-46a0-be7b-7aea280e210d.yml @@ -11,6 +11,10 @@ on: env: acr: crbccplatformprod +permissions: + id-token: write + contents: read + jobs: build: runs-on: ubuntu-latest From 28bc9b51946c4c9681d7aeafc8fb167de25090c5 Mon Sep 17 00:00:00 2001 From: Jakub Czyz Date: Tue, 3 Jun 2025 11:29:25 +0200 Subject: [PATCH 3/6] fix deploy pipeline --- ...toDeployTrigger-034191ad-ad96-46a0-be7b-7aea280e210d.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pdf-service-api-AutoDeployTrigger-034191ad-ad96-46a0-be7b-7aea280e210d.yml b/.github/workflows/pdf-service-api-AutoDeployTrigger-034191ad-ad96-46a0-be7b-7aea280e210d.yml index d56aaa7..89954d8 100644 --- a/.github/workflows/pdf-service-api-AutoDeployTrigger-034191ad-ad96-46a0-be7b-7aea280e210d.yml +++ b/.github/workflows/pdf-service-api-AutoDeployTrigger-034191ad-ad96-46a0-be7b-7aea280e210d.yml @@ -68,12 +68,14 @@ jobs: deploy: runs-on: ubuntu-latest needs: build - + environment: prod steps: - name: Azure Login uses: azure/login@v1 with: - creds: ${{ secrets.PDFSERVICEAPI_AZURE_CREDENTIALS }} + client-id: ${{ vars.AZURE_CLIENT_ID }} + tenant-id: ${{ vars.AZURE_TENANT_ID }} + subscription-id: ${{ vars.AZURE_SUBSCRIPTION_ID }} - name: Deploy to containerapp uses: azure/CLI@v1 From c48cfa126b68f8607839f278cdaf02da8480047f Mon Sep 17 00:00:00 2001 From: Jakub Czyz Date: Tue, 3 Jun 2025 15:27:09 +0200 Subject: [PATCH 4/6] fix test project --- .../BccCode.PdfServer.Proxy.sln | 6 ++++++ .../ConfigHelper.cs | 18 +++++++----------- .../PdfServiceClientTests.cs | 6 +++--- .../appsettings.json | 2 +- 4 files changed, 17 insertions(+), 15 deletions(-) diff --git a/proxy/BccCode.PdfServer.Proxy/BccCode.PdfServer.Proxy.sln b/proxy/BccCode.PdfServer.Proxy/BccCode.PdfServer.Proxy.sln index edcbf84..3de494c 100644 --- a/proxy/BccCode.PdfServer.Proxy/BccCode.PdfServer.Proxy.sln +++ b/proxy/BccCode.PdfServer.Proxy/BccCode.PdfServer.Proxy.sln @@ -5,6 +5,8 @@ VisualStudioVersion = 17.3.32819.101 MinimumVisualStudioVersion = 10.0.40219.1 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "BccCode.PdfServer.Proxy", "BccCode.PdfServer.Proxy.csproj", "{3A4469B3-9668-4745-94C9-9257914E645B}" EndProject +Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "BccCode.PdfService.Client.Tests", "..\..\sdk\dotnet\BccCode.PdfService.Client.Tests\BccCode.PdfService.Client.Tests.csproj", "{0A55B787-453E-450C-9744-FC2D173A2A0B}" +EndProject Global GlobalSection(SolutionConfigurationPlatforms) = preSolution Debug|Any CPU = Debug|Any CPU @@ -15,6 +17,10 @@ Global {3A4469B3-9668-4745-94C9-9257914E645B}.Debug|Any CPU.Build.0 = Debug|Any CPU {3A4469B3-9668-4745-94C9-9257914E645B}.Release|Any CPU.ActiveCfg = Release|Any CPU {3A4469B3-9668-4745-94C9-9257914E645B}.Release|Any CPU.Build.0 = Release|Any CPU + {0A55B787-453E-450C-9744-FC2D173A2A0B}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {0A55B787-453E-450C-9744-FC2D173A2A0B}.Debug|Any CPU.Build.0 = Debug|Any CPU + {0A55B787-453E-450C-9744-FC2D173A2A0B}.Release|Any CPU.ActiveCfg = Release|Any CPU + {0A55B787-453E-450C-9744-FC2D173A2A0B}.Release|Any CPU.Build.0 = Release|Any CPU EndGlobalSection GlobalSection(SolutionProperties) = preSolution HideSolutionNode = FALSE diff --git a/sdk/dotnet/BccCode.PdfService.Client.Tests/ConfigHelper.cs b/sdk/dotnet/BccCode.PdfService.Client.Tests/ConfigHelper.cs index 26677ae..ab14aa3 100644 --- a/sdk/dotnet/BccCode.PdfService.Client.Tests/ConfigHelper.cs +++ b/sdk/dotnet/BccCode.PdfService.Client.Tests/ConfigHelper.cs @@ -9,20 +9,16 @@ namespace BccCode.PdfService.Client.Tests { public class ConfigHelper { - public static IConfigurationRoot GetIConfigurationRoot(string outputPath) - { - return new ConfigurationBuilder() - .SetBasePath(outputPath) - .AddJsonFile("appsettings.json", optional: true) - .AddUserSecrets("7631d5c1-8d69-4390-9569-4ed9124457f0") - .Build(); - } - - public static PdfServiceOptions GetApplicationConfiguration(string outputPath) + public static PdfServiceOptions GetApplicationConfiguration() { var configuration = new PdfServiceOptions(); - var configRoot = GetIConfigurationRoot(outputPath); + var dir = Directory.GetCurrentDirectory() + "../../../../"; + var configRoot = new ConfigurationBuilder() + .SetBasePath(dir) + .AddJsonFile("appsettings.json", optional: false) + .AddUserSecrets("7631d5c1-8d69-4390-9569-4ed9124457f0") + .Build(); configRoot .GetSection("PdfService") diff --git a/sdk/dotnet/BccCode.PdfService.Client.Tests/PdfServiceClientTests.cs b/sdk/dotnet/BccCode.PdfService.Client.Tests/PdfServiceClientTests.cs index 5a107a4..433e182 100644 --- a/sdk/dotnet/BccCode.PdfService.Client.Tests/PdfServiceClientTests.cs +++ b/sdk/dotnet/BccCode.PdfService.Client.Tests/PdfServiceClientTests.cs @@ -8,16 +8,16 @@ public class PdfServiceClientTests public async Task GeneratePdfTest() { - var options = ConfigHelper.GetApplicationConfiguration(Directory.GetCurrentDirectory()); + var options = ConfigHelper.GetApplicationConfiguration(); var client = new PdfServiceClient(options, new DummyHttpClientFactory(), new PhysicalFileProvider(Directory.GetCurrentDirectory())); var css = await File.ReadAllTextAsync("assets/style.css"); var tasks = new List(); - for (int i = 0; i < 500; i++) + for (int i = 0; i < 100; i++) { if (i % 15 != 0) { tasks.Add(client.GeneratePdfToFileAsync($"files/output{i}.pdf", $"

PDF {i}

Welcome

", css, new[] { "assets/test.jpg" })); - } + } else { await client.GeneratePdfToFileAsync($"files/output{i}.pdf", $"

PDF {i}

Welcome

", css, new[] { "assets/test.jpg" }); diff --git a/sdk/dotnet/BccCode.PdfService.Client.Tests/appsettings.json b/sdk/dotnet/BccCode.PdfService.Client.Tests/appsettings.json index 8a45db6..b7e5fee 100644 --- a/sdk/dotnet/BccCode.PdfService.Client.Tests/appsettings.json +++ b/sdk/dotnet/BccCode.PdfService.Client.Tests/appsettings.json @@ -1,6 +1,6 @@ { "PdfService": { - "BaseUrl": "https://pdf-service.kindsea-6f2fe326.westeurope.azurecontainerapps.io", + "BaseUrl": "https://ca-pdf.kindocean-4e4f5fb4.westeurope.azurecontainerapps.io/", "Audience": "api.bcc.no", "Authority": "https://login.bcc.no", "ClientId": "", From 1819215111737412c458254e73d0b49b74de6ea4 Mon Sep 17 00:00:00 2001 From: Jakub Czyz Date: Tue, 3 Jun 2025 15:27:40 +0200 Subject: [PATCH 5/6] rename deploy workflow --- ...4191ad-ad96-46a0-be7b-7aea280e210d.yml => pdf-service-api.yml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .github/workflows/{pdf-service-api-AutoDeployTrigger-034191ad-ad96-46a0-be7b-7aea280e210d.yml => pdf-service-api.yml} (100%) diff --git a/.github/workflows/pdf-service-api-AutoDeployTrigger-034191ad-ad96-46a0-be7b-7aea280e210d.yml b/.github/workflows/pdf-service-api.yml similarity index 100% rename from .github/workflows/pdf-service-api-AutoDeployTrigger-034191ad-ad96-46a0-be7b-7aea280e210d.yml rename to .github/workflows/pdf-service-api.yml From ebc548168491347db5812aad539dbe4eb49904e0 Mon Sep 17 00:00:00 2001 From: Jakub Czyz Date: Tue, 3 Jun 2025 15:28:09 +0200 Subject: [PATCH 6/6] remove infra code --- infra/main.tf | 278 ------------------ .../azure/application_insights/main.tf | 36 --- .../azure/application_insights/outputs.tf | 26 -- .../azure/application_insights/variables.tf | 32 -- infra/modules/azure/container_apps/main.tf | 81 ----- infra/modules/azure/container_apps/outputs.tf | 11 - .../modules/azure/container_apps/variables.tf | 94 ------ .../modules/azure/container_apps_env/main.tf | 56 ---- .../azure/container_apps_env/outputs.tf | 9 - .../azure/container_apps_env/variables.tf | 43 --- .../modules/azure/container_apps_vlan/main.tf | 61 ---- .../azure/container_apps_vlan/outputs.tf | 20 -- .../azure/container_apps_vlan/variables.tf | 37 --- infra/modules/azure/front_door/main.tf | 85 ------ infra/modules/azure/front_door/variables.tf | 37 --- infra/modules/azure/front_door_route/main.tf | 237 --------------- .../azure/front_door_route/variables.tf | 56 ---- infra/modules/azure/log_analytics/main.tf | 36 --- infra/modules/azure/log_analytics/output.tf | 30 -- .../modules/azure/log_analytics/variables.tf | 37 --- infra/variables.tf | 34 --- 21 files changed, 1336 deletions(-) delete mode 100644 infra/main.tf delete mode 100644 infra/modules/azure/application_insights/main.tf delete mode 100644 infra/modules/azure/application_insights/outputs.tf delete mode 100644 infra/modules/azure/application_insights/variables.tf delete mode 100644 infra/modules/azure/container_apps/main.tf delete mode 100644 infra/modules/azure/container_apps/outputs.tf delete mode 100644 infra/modules/azure/container_apps/variables.tf delete mode 100644 infra/modules/azure/container_apps_env/main.tf delete mode 100644 infra/modules/azure/container_apps_env/outputs.tf delete mode 100644 infra/modules/azure/container_apps_env/variables.tf delete mode 100644 infra/modules/azure/container_apps_vlan/main.tf delete mode 100644 infra/modules/azure/container_apps_vlan/outputs.tf delete mode 100644 infra/modules/azure/container_apps_vlan/variables.tf delete mode 100644 infra/modules/azure/front_door/main.tf delete mode 100644 infra/modules/azure/front_door/variables.tf delete mode 100644 infra/modules/azure/front_door_route/main.tf delete mode 100644 infra/modules/azure/front_door_route/variables.tf delete mode 100644 infra/modules/azure/log_analytics/main.tf delete mode 100644 infra/modules/azure/log_analytics/output.tf delete mode 100644 infra/modules/azure/log_analytics/variables.tf delete mode 100644 infra/variables.tf diff --git a/infra/main.tf b/infra/main.tf deleted file mode 100644 index ce59f00..0000000 --- a/infra/main.tf +++ /dev/null @@ -1,278 +0,0 @@ -terraform { - required_version = ">= 1.0" - required_providers { - azurerm = { - source = "hashicorp/azurerm" - version = "3.3.0" - } - - azuread = { - source = "hashicorp/azuread" - version = "~> 2.15.0" - } - - azapi = { - source = "Azure/azapi" - version = "0.4.0" - } - } - experiments = [module_variable_optional_attrs] - - backend "azurerm" { - resource_group_name = "BCC-Platform" - storage_account_name = "bccplatformtfstate" - container_name = "pdf-service" - key = "pdf-service.terraform.tfstate" - subscription_id = "a77a3461-9212-44cf-bc6a-11c6281797e9" - tenant_id = "8572f54e-d0a8-4ea4-a28e-557c63698a4a" - } - -} - -locals { - azure_tenant_id = var.azure_tenant_id - azure_subscription_id = var.azure_subscription_id - azure_platform_subscription_id = var.azure_platform_subscription_id - location = var.location - resource_group = "${var.resource_prefix}-${var.environment}" - resource_prefix = "${var.resource_prefix}" - tags = {} -} - -provider "azuread" { - tenant_id = var.azure_tenant_id - features {} -} - -provider "azurerm" { - alias = "main" - subscription_id = local.azure_subscription_id - tenant_id = local.azure_tenant_id - skip_provider_registration = true - features {} -} - -provider "azurerm" { - alias = "platform" - subscription_id = local.azure_platform_subscription_id - tenant_id = local.azure_tenant_id - skip_provider_registration = true - features {} -} - - -provider "azapi" { - subscription_id = local.azure_subscription_id - tenant_id = local.azure_tenant_id - skip_provider_registration = true -} - - -# Get Resource Group -data "azurerm_resource_group" "rg" { - provider = azurerm.main - name = local.resource_group -} - -# Get Container Registry -data "azurerm_container_registry" "acr" { - provider = azurerm.platform - name = "bccplatform" - resource_group_name = "BCC-Platform" -} - -# Analytics Workspace -module "log_analytics_workspace" { - source = "./modules/azure/log_analytics" - name = "${local.resource_prefix}-logs" - location = local.location - resource_group_name = data.azurerm_resource_group.rg.name - tags = local.tags - providers = { - azurerm = azurerm.main - } -} - -# Application Insights -module "application_insights" { - source = "./modules/azure/application_insights" - name = "${local.resource_prefix}-env-insights" - location = local.location - resource_group_name = data.azurerm_resource_group.rg.name - tags = local.tags - application_type = "web" - workspace_id = module.log_analytics_workspace.id - providers = { - azurerm = azurerm.main - } -} - -# VLAN for Container Environment -module "container_apps_vlan" { - source = "./modules/azure/container_apps_vlan" - name = "${local.resource_prefix}-vlan" - location = local.location - resource_group_name = data.azurerm_resource_group.rg.name - tags = local.tags - - depends_on = [ - data.azurerm_resource_group.rg - ] - - providers = { - azurerm = azurerm.main - } -} - - -# Container Environment -module "container_apps_env" { - source = "./modules/azure/container_apps_env" - managed_environment_name = "${local.resource_prefix}-env" - location = local.location - resource_group_id = data.azurerm_resource_group.rg.id - tags = local.tags - instrumentation_key = module.application_insights.instrumentation_key - workspace_id = module.log_analytics_workspace.workspace_id - primary_shared_key = module.log_analytics_workspace.primary_shared_key - vlan_subnet_id = module.container_apps_vlan.subnet_id - - providers = { - azurerm = azurerm.main - } -} - - -#ref: -# https://github.com/Azure/azure-resource-manager-schemas/blob/68af7da6820cc91660904b34813aeee606c400f1/schemas/2022-03-01/Microsoft.App.json - -# API Container App -module "api_container_app" { - source = "./modules/azure/container_apps" - managed_environment_id = module.container_apps_env.id - location = local.location - resource_group_id = data.azurerm_resource_group.rg.id - tags = local.tags - registries = [{ - admin_password = data.azurerm_container_registry.acr.admin_password - admin_username = data.azurerm_container_registry.acr.admin_username - login_server = data.azurerm_container_registry.acr.login_server - }] - container_app = { - name = "${local.resource_prefix}" - configuration = { - ingress = { - external = true - targetPort = 5130 - } - dapr = { - enabled = false - # appId = "${local.resource_prefix}" - # appProtocol = "http" - # appPort = 5130 - } - secrets = [ - { - name = "application-insights-connection-string" - value = module.application_insights.connection_string - } - ] - # customDomains = [ - # { - # bindingType = "SniEnabled", - # certificateId = "", - # name = module.api_container_app.domain_name - # } - # ] - } - template = { - containers = [{ - image = "hello-world:latest" //"bccplatform.azurecr.io/bcc-code-run-prod-api:latest" - name = "${local.resource_prefix}" - env = [{ - name = "APP_PORT" - value = 8080 - }, - { - name = "ENVIRONMENT_NAME" - value = terraform.workspace - } - ] - resources = { - cpu = 0.5 - memory = "1Gi" - } - }, - { - image = "hello-world:latest" //"bccplatform.azurecr.io/bcc-code-run-prod-api:latest" - name = "${local.resource_prefix}-proxy" - env = [{ - name = "APP_PORT" - value = 5130 - }, - { - name = "ASPNETCORE_URLS" - value = "http://+:5130" - }, - { - name = "ENVIRONMENT_NAME" - value = terraform.workspace - }, - { - name = "APPLICATIONINSIGHTS_CONNECTION_STRING" - secretRef = "application-insights-connection-string" - }, - { - name = "APPLICATIONINSIGHTS__CONNECTIONSTRING" - secretRef = "application-insights-connection-string" - }, - ] - resources = { - cpu = 0.25 - memory = "0.5Gi" - } - }] - scale = { - minReplicas = 0 - maxReplicas = 10 - } - } - } - providers = { - azurerm = azurerm.main - } -} - -# # # Add gateway - -# module "gateway" { -# source = "./modules/azure/front_door" -# name = "${local.resource_prefix}-gateway" -# location = local.location -# tags = local.tags -# endpoint_domain_name = var.endpoint_domain_name -# endpoint_name = "default" -# resource_group_id = data.azurerm_resource_group.rg.id -# providers = { -# azurerm = azurerm.main -# } -# } - -# module "api_route" { -# source = "./modules/azure/front_door_route" -# name = "${local.resource_prefix}-svc-route" -# front_door_name = "${local.resource_prefix}-gateway" -# origin_host = module.api_container_app.domain_name -# route_path = "/*" -# origin_path = "/" -# endpoint_name = "default" -# endpoint_domain_name = var.endpoint_domain_name -# resource_group_id = data.azurerm_resource_group.rg.id -# resource_group_name = data.azurerm_resource_group.rg.name -# depends_on = [ -# module.gateway -# ] -# providers = { -# azurerm = azurerm.main -# } -# } \ No newline at end of file diff --git a/infra/modules/azure/application_insights/main.tf b/infra/modules/azure/application_insights/main.tf deleted file mode 100644 index 48855f0..0000000 --- a/infra/modules/azure/application_insights/main.tf +++ /dev/null @@ -1,36 +0,0 @@ -terraform { - required_version = ">= 1.0" - required_providers { - azurerm = { - source = "hashicorp/azurerm" - version = "3.3.0" - } - azapi = { - source = "Azure/azapi" - version = "0.4.0" - } - } - experiments = [module_variable_optional_attrs] -} - -locals { - module_tag = { - "module" = basename(abspath(path.module)) - } - tags = merge(var.tags, local.module_tag) -} - -resource "azurerm_application_insights" "resource" { - name = var.name - location = var.location - resource_group_name = var.resource_group_name - tags = local.tags - application_type = "web" - workspace_id = var.workspace_id - - lifecycle { - ignore_changes = [ - tags - ] - } -} \ No newline at end of file diff --git a/infra/modules/azure/application_insights/outputs.tf b/infra/modules/azure/application_insights/outputs.tf deleted file mode 100644 index a4b5616..0000000 --- a/infra/modules/azure/application_insights/outputs.tf +++ /dev/null @@ -1,26 +0,0 @@ -output "name" { - value = azurerm_application_insights.resource.name - description = "Specifies the name of the resource." -} - -output "id" { - value = azurerm_application_insights.resource.id - description = "Specifies the resource id of the resource." -} - -output "instrumentation_key" { - value = azurerm_application_insights.resource.instrumentation_key - description = "Specifies the instrumentation key of the Application Insights." - sensitive = true -} - -output "connection_string" { - value = azurerm_application_insights.resource.connection_string - description = "Specifies the connection string of the Application Insights." - sensitive = true -} - -output "app_id" { - value = azurerm_application_insights.resource.app_id - description = "Specifies the resource id of the resource." -} \ No newline at end of file diff --git a/infra/modules/azure/application_insights/variables.tf b/infra/modules/azure/application_insights/variables.tf deleted file mode 100644 index 997018c..0000000 --- a/infra/modules/azure/application_insights/variables.tf +++ /dev/null @@ -1,32 +0,0 @@ - -variable "name" { - description = "(Required) Specifies the name of the resource. Changing this forces a new resource to be created." - type = string -} - -variable "resource_group_name" { - description = "(Required) The name of the resource group in which to create the resource. Changing this forces a new resource to be created." - type = string -} - -variable "tags" { - description = "(Optional) Specifies the tags of the log analytics workspace" - type = map(any) - default = {} -} - -variable "location" { - description = "(Required) Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created." - type = string -} - -variable "application_type" { - description = "(Required) Specifies the type of Application Insights to create. Valid values are ios for iOS, java for Java web, MobileCenter for App Center, Node.JS for Node.js, other for General, phone for Windows Phone, store for Windows Store and web for ASP.NET. Please note these values are case sensitive; unmatched values are treated as ASP.NET by Azure. Changing this forces a new resource to be created." - type = string - default = "web" -} - -variable "workspace_id" { - description = "(Optional) Specifies the id of a log analytics workspace resource. Changing this forces a new resource to be created." - type = string -} diff --git a/infra/modules/azure/container_apps/main.tf b/infra/modules/azure/container_apps/main.tf deleted file mode 100644 index fb90a43..0000000 --- a/infra/modules/azure/container_apps/main.tf +++ /dev/null @@ -1,81 +0,0 @@ -terraform { - required_version = ">= 1.0" - required_providers { - azurerm = { - source = "hashicorp/azurerm" - version = "3.3.0" - } - azapi = { - source = "Azure/azapi" - version = "0.4.0" - } - } - experiments = [module_variable_optional_attrs] -} - -locals { - module_tag = { - "module" = basename(abspath(path.module)) - } - tags = merge(var.tags, local.module_tag) -} - -resource "azapi_resource" "daprComponents" { - for_each = {for component in var.dapr_components: component.name => component} - - name = each.key - parent_id = var.managed_environment_id - type = "Microsoft.App/managedEnvironments/daprComponents@2022-03-01" - - body = jsonencode({ - properties = { - componentType = each.value.componentType - version = each.value.version - ignoreErrors = each.value.ignoreErrors - initTimeout = each.value.initTimeout - secrets = each.value.secrets - metadata = each.value.metadata - scopes = each.value.scopes - } - }) -} - -#ref -# https://raw.githubusercontent.com/Azure/azure-resource-manager-schemas/68af7da6820cc91660904b34813aeee606c400f1/schemas/2022-03-01/Microsoft.App.json - -resource "azapi_resource" "container_app" { - # for_each = {for app in var.container_apps: app.name => app} - - name = var.container_app.name - location = var.location - parent_id = var.resource_group_id - type = "Microsoft.App/containerApps@2022-03-01" - tags = var.tags - - body = jsonencode({ - properties = { - - managedEnvironmentId = var.managed_environment_id - configuration = { - registries = [for reg in var.registries : { - server = reg.login_server - username = reg.admin_username - passwordSecretRef = "acr-pw-${replace(reg.login_server,".","-")}" - }] - secrets = concat((var.container_app.configuration.secrets == null ? [] : var.container_app.configuration.secrets), [for reg in var.registries : { - name = "acr-pw-${replace(reg.login_server,".","-")}" - value = reg.admin_password - }]) - ingress = try(var.container_app.configuration.ingress, null) - dapr = try(var.container_app.configuration.dapr, null) - } - template = var.container_app.template - - } - }) - - ignore_missing_property = true - ignore_casing = true - response_export_values = ["properties.configuration.ingress.fqdn"] - -} \ No newline at end of file diff --git a/infra/modules/azure/container_apps/outputs.tf b/infra/modules/azure/container_apps/outputs.tf deleted file mode 100644 index e7dd4ca..0000000 --- a/infra/modules/azure/container_apps/outputs.tf +++ /dev/null @@ -1,11 +0,0 @@ -output "domain_name" { - value = jsondecode(azapi_resource.container_app.output).properties.configuration.ingress.fqdn -} - -output "id" { - value = azapi_resource.container_app.id -} - -output "identity" { - value = azapi_resource.container_app.identity -} \ No newline at end of file diff --git a/infra/modules/azure/container_apps/variables.tf b/infra/modules/azure/container_apps/variables.tf deleted file mode 100644 index a54f3b1..0000000 --- a/infra/modules/azure/container_apps/variables.tf +++ /dev/null @@ -1,94 +0,0 @@ - -variable "managed_environment_id" { - description = "(Required) Specifies the id of the managed environment." - type = string -} - -variable "resource_group_id" { - description = "(Required) The resource id of the resource group in which to create the resource. Changing this forces a new resource to be created." - type = string -} - -variable "tags" { - description = "(Optional) Specifies the tags of the log analytics workspace" - type = map(any) - default = {} -} - -variable "location" { - description = "(Required) Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created." - type = string -} - -variable "registries" { - description = "Container registry details" - type = list(object({ - login_server = string - admin_username = string - admin_password = string - })) -} - -variable "container_app" { - description = "Specifies the container apps in the managed environment." - type = object({ - name = string - configuration = object({ - ingress = optional(object({ - external = optional(bool) - targetPort = optional(number) - })) - dapr = optional(object({ - enabled = optional(bool) - appId = optional(string) - appProtocol = optional(string) - appPort = optional(number) - })) - secrets = optional(list(object({ - name = string - value = string - }))) - }) - template = object({ - containers = list(object({ - image = string - name = string - env = optional(list(object({ - name = string - value = optional(string) - secretRef = optional(string) - }))) - resources = optional(object({ - cpu = optional(number) - memory = optional(string) - })) - })) - scale = optional(object({ - minReplicas = optional(number) - maxReplicas = optional(number) - })) - }) - }) -} - -variable "dapr_components" { - description = "Specifies the dapr components in the managed environment." - type = list(object({ - name = string - componentType = string - version = string - ignoreErrors = optional(bool) - initTimeout = string - secrets = optional(list(object({ - name = string - value = any - }))) - metadata = optional(list(object({ - name = string - value = optional(any) - secretRef = optional(any) - }))) - scopes = optional(list(string)) - })) - default = [] -} \ No newline at end of file diff --git a/infra/modules/azure/container_apps_env/main.tf b/infra/modules/azure/container_apps_env/main.tf deleted file mode 100644 index 2500962..0000000 --- a/infra/modules/azure/container_apps_env/main.tf +++ /dev/null @@ -1,56 +0,0 @@ -terraform { - required_version = ">= 1.0" - required_providers { - azurerm = { - source = "hashicorp/azurerm" - version = "3.3.0" - } - azapi = { - source = "Azure/azapi" - version = "0.4.0" - } - } - experiments = [module_variable_optional_attrs] -} - -locals { - module_tag = { - "module" = basename(abspath(path.module)) - } - tags = merge(var.tags, local.module_tag) -} - -resource "azapi_resource" "managed_environment" { - name = var.managed_environment_name - location = var.location - parent_id = var.resource_group_id - type = "Microsoft.App/managedEnvironments@2022-03-01" - tags = local.tags - - body = jsonencode({ - properties = { - daprAIInstrumentationKey = var.instrumentation_key - appLogsConfiguration = { - destination = "log-analytics" - logAnalyticsConfiguration = { - customerId = var.workspace_id - sharedKey = var.primary_shared_key - } - } - vnetConfiguration = { - infrastructureSubnetId = var.vlan_subnet_id - internal = false - } - zoneRedundant = true - } - }) - - lifecycle { - ignore_changes = [ - tags - ] - } - - ignore_missing_property = true - ignore_casing = true -} diff --git a/infra/modules/azure/container_apps_env/outputs.tf b/infra/modules/azure/container_apps_env/outputs.tf deleted file mode 100644 index 5c784d1..0000000 --- a/infra/modules/azure/container_apps_env/outputs.tf +++ /dev/null @@ -1,9 +0,0 @@ -output "name" { - value = azapi_resource.managed_environment.name - description = "Specifies the name of the managed environment." -} - -output "id" { - value = azapi_resource.managed_environment.id - description = "Specifies the resource id of the managed environment." -} \ No newline at end of file diff --git a/infra/modules/azure/container_apps_env/variables.tf b/infra/modules/azure/container_apps_env/variables.tf deleted file mode 100644 index 8bc9763..0000000 --- a/infra/modules/azure/container_apps_env/variables.tf +++ /dev/null @@ -1,43 +0,0 @@ - -variable "managed_environment_name" { - description = "(Required) Specifies the name of the managed environment." - type = string -} - -variable "resource_group_id" { - description = "(Required) The resource id of the resource group in which to create the resource. Changing this forces a new resource to be created." - type = string -} - -variable "tags" { - description = "(Optional) Specifies the tags of the log analytics workspace" - type = map(any) - default = {} -} - -variable "location" { - description = "(Required) Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created." - type = string -} - -variable "instrumentation_key" { - description = "(Optional) Specifies the instrumentation key of the application insights resource." - type = string -} - -variable "workspace_id" { - description = "(Optional) Specifies workspace id of the log analytics workspace." - type = string -} - -variable "primary_shared_key" { - description = "(Optional) Specifies the workspace key of the log analytics workspace." - type = string -} - -variable "vlan_subnet_id" { - description = "(Required) Specifies the id of the vlan subnet for the managed environment." - type = string -} - - diff --git a/infra/modules/azure/container_apps_vlan/main.tf b/infra/modules/azure/container_apps_vlan/main.tf deleted file mode 100644 index e631133..0000000 --- a/infra/modules/azure/container_apps_vlan/main.tf +++ /dev/null @@ -1,61 +0,0 @@ -terraform { - required_version = ">= 1.0" - required_providers { - azurerm = { - source = "hashicorp/azurerm" - version = "3.3.0" - } - } - experiments = [module_variable_optional_attrs] -} - -resource "azurerm_network_security_group" "nsg" { - name = "${var.name}-nsg" - location = var.location - resource_group_name = var.resource_group_name - tags = var.tags - - security_rule { - name = "AllowPort80" - priority = 101 - direction = "Inbound" - access = "Allow" - protocol = "Tcp" - source_port_range = "*" - destination_port_range = "80" - source_address_prefix = "*" - destination_address_prefix = "*" - } - - security_rule { - name = "AllowPort443" - priority = 100 - direction = "Inbound" - access = "Allow" - protocol = "Tcp" - source_port_range = "*" - destination_port_range = "443" - source_address_prefix = "*" - destination_address_prefix = "*" - } -} - -resource "azurerm_virtual_network" "vlan" { - name = var.name - location = var.location - resource_group_name = var.resource_group_name - address_space = var.vlan_address_space - tags = var.tags -} - -resource "azurerm_subnet" "default" { - name = var.subnet_name - resource_group_name = var.resource_group_name - virtual_network_name = azurerm_virtual_network.vlan.name - address_prefixes = var.subnet_address_prefixes -} - -resource "azurerm_subnet_network_security_group_association" "nsg_assignment" { - subnet_id = azurerm_subnet.default.id - network_security_group_id = azurerm_network_security_group.nsg.id -} \ No newline at end of file diff --git a/infra/modules/azure/container_apps_vlan/outputs.tf b/infra/modules/azure/container_apps_vlan/outputs.tf deleted file mode 100644 index fe3c5c8..0000000 --- a/infra/modules/azure/container_apps_vlan/outputs.tf +++ /dev/null @@ -1,20 +0,0 @@ -output "id" { - value = azurerm_virtual_network.vlan.id - description = "Specifies the id of the virtual network" -} - -output "location" { - value = azurerm_virtual_network.vlan.location - description = "Specifies the location of the virtual network" -} - -output "network_security_group_id" { - value = azurerm_network_security_group.nsg.id - description = "Specifies the resource id of the network security group" -} - -output "subnet_id" { - value = azurerm_subnet.default.id - description = "Specifies the resource id of the default subnet" -} - diff --git a/infra/modules/azure/container_apps_vlan/variables.tf b/infra/modules/azure/container_apps_vlan/variables.tf deleted file mode 100644 index b3e88de..0000000 --- a/infra/modules/azure/container_apps_vlan/variables.tf +++ /dev/null @@ -1,37 +0,0 @@ -variable "name" { - description = "(Required) Specifies the name of the vlan" - type = string -} - -variable "resource_group_name" { - description = "(Required) Specifies the resource group name of the vlan" - type = string -} - -variable "location" { - description = "(Required) Specifies the location of the vlan" - type = string -} - -variable "tags" { - description = "(Optional) Specifies the tags of the vlan" - default = {} -} - -variable "vlan_address_space" { - description = "(Optional) Specifies the address space of the vlan" - type = list(string) - default = ["10.0.0.0/16"] -} - -variable "subnet_address_prefixes" { - description = "(Optional) Specifies the address prefixes of the default subnet" - type = list(string) - default = ["10.0.0.0/23"] -} - -variable "subnet_name" { - description = "(Optional) Specifies the name of the default subnet" - type = string - default = "default" -} \ No newline at end of file diff --git a/infra/modules/azure/front_door/main.tf b/infra/modules/azure/front_door/main.tf deleted file mode 100644 index 173a7bf..0000000 --- a/infra/modules/azure/front_door/main.tf +++ /dev/null @@ -1,85 +0,0 @@ -terraform { - required_version = ">= 1.0" - required_providers { - azurerm = { - source = "hashicorp/azurerm" - version = "3.3.0" - } - azapi = { - source = "Azure/azapi" - version = "0.4.0" - } - } - experiments = [module_variable_optional_attrs] -} - -locals { - module_tag = { - "module" = basename(abspath(path.module)) - } - tags = merge(var.tags, local.module_tag) -} - -resource "azapi_resource" "frontdoor_profile" { - - name = var.name - location = "global" - parent_id = var.resource_group_id - type = "Microsoft.Cdn/profiles@2021-06-01" - tags = local.tags - - body = jsonencode({ - sku = { - name = var.sku - } - }) - - lifecycle { - ignore_changes = [ - tags - ] - } -} - -resource "azapi_resource" "frontdoor_endpoint" { - - name = var.endpoint_name - location = "global" - parent_id = azapi_resource.frontdoor_profile.id - type = "Microsoft.Cdn/profiles/afdEndpoints@2021-06-01" - tags = local.tags - - body = jsonencode({ - properties = { - enabledState = "Enabled" - } - }) - - lifecycle { - ignore_changes = [ - tags - ] - } -} - -resource "azapi_resource" "frontdoor_domain" { - name = "${replace(var.endpoint_domain_name,".","-")}" - parent_id = azapi_resource.frontdoor_profile.id - type = "Microsoft.Cdn/profiles/customdomains@2021-06-01" - - body = jsonencode({ - properties = { - hostName = var.endpoint_domain_name, - tlsSettings = { - certificateType = "ManagedCertificate" - minimumTlsVersion = "TLS12" - } - } - }) - - lifecycle { - ignore_changes = [ - tags - ] - } -} \ No newline at end of file diff --git a/infra/modules/azure/front_door/variables.tf b/infra/modules/azure/front_door/variables.tf deleted file mode 100644 index fa72773..0000000 --- a/infra/modules/azure/front_door/variables.tf +++ /dev/null @@ -1,37 +0,0 @@ -variable "resource_group_id" { - description = "(Required) The resource id of the resource group in which to create the resource. Changing this forces a new resource to be created." - type = string -} - -variable "tags" { - description = "(Optional) Specifies the tags of the log analytics workspace" - type = map(any) - default = {} -} - -variable "location" { - description = "(Required) Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created." - type = string -} - -variable "name" { - description = "(Required) Friendly name of azure frontdoor instance." - type = string -} - -variable "sku" { - description = "(Required) Friendly name of azure frontdoor instance." - type = string - default = "Standard_AzureFrontDoor" -} - -variable "endpoint_name" { - description = "(Required) Name of the default endpoint for the frontdoor" - type = string - default = "api" -} - -variable "endpoint_domain_name" { - description = "(Required) Name of the domain for the frontdoor endpoint" - type = string -} \ No newline at end of file diff --git a/infra/modules/azure/front_door_route/main.tf b/infra/modules/azure/front_door_route/main.tf deleted file mode 100644 index acee319..0000000 --- a/infra/modules/azure/front_door_route/main.tf +++ /dev/null @@ -1,237 +0,0 @@ -terraform { - required_version = ">= 1.0" - required_providers { - azurerm = { - source = "hashicorp/azurerm" - version = "3.3.0" - } - azapi = { - source = "Azure/azapi" - version = "0.4.0" - } - } - experiments = [module_variable_optional_attrs] -} - -locals { - module_tag = { - "module" = basename(abspath(path.module)) - } - tags = merge(var.tags, local.module_tag) - route_path = var.route_path == null ? "/${var.name}/*" : var.route_path - origin_path = var.origin_path == null ? "/" : var.origin_path -} - - -data "azapi_resource" "frontdoor_profile" { - name = var.front_door_name - parent_id = var.resource_group_id - type = "Microsoft.Cdn/profiles@2021-06-01" -} - -data "azapi_resource" "frontdoor_endpoint" { - name = var.endpoint_name - parent_id = data.azapi_resource.frontdoor_profile.id - type = "Microsoft.Cdn/profiles/afdEndpoints@2021-06-01" -} - -data "azapi_resource" "endpoint_domain" { - name = replace(var.endpoint_domain_name,".","-") - parent_id = data.azapi_resource.frontdoor_profile.id - type = "Microsoft.Cdn/profiles/customdomains@2021-06-01" -} - -data "azurerm_client_config" "current" {} - -resource "azapi_resource" "origin_group" { - - name = "${var.name}-origin-group" - parent_id = "/subscriptions/${data.azurerm_client_config.current.subscription_id}/resourceGroups/${var.resource_group_name}/providers/Microsoft.Cdn/profiles/${var.front_door_name}" - #data.azapi_resource.frontdoor_profile.id - type = "Microsoft.Cdn/profiles/origingroups@2021-06-01" - - body = jsonencode({ - properties = { - healthProbeSettings = { - probePath = "/" - probeIntervalInSeconds = 255 - probeProtocol = "Https" - probeRequestType = "HEAD" - } - sessionAffinityState = "Enabled" - loadBalancingSettings = { - additionalLatencyInMilliseconds = 50 - successfulSamplesRequired = 3 - sampleSize = 4 - } - } - }) - - depends_on = [ - data.azapi_resource.frontdoor_profile - ] - -} - -resource "azapi_resource" "origin" { - - name = "${var.name}" - parent_id = azapi_resource.origin_group.id - type = "Microsoft.Cdn/profiles/origingroups/origins@2021-06-01" - - body = jsonencode({ - properties = { - # azureOrigin = { - # id = azapi_resource.origin_group.id - # } - hostName = var.origin_host - httpPort = 80 - httpsPort = 443 - originHostHeader = var.origin_host - enabledState = "Enabled" - priority = 1 - weight = 1000 - } - }) - - depends_on = [ - azapi_resource.origin_group - ] - -} - -# DOESN'T CURRENLTY WORK - Causes an error, presumably because this resource can't be looked up using the CLi -# resource "azapi_resource" "origin_route" { - -# name = "${var.name}" -# parent_id = "${data.azapi_resource.frontdoor_endpoint.id}" -# type = "Microsoft.Cdn/profiles/afdendpoints/routes@2021-06-01" - -# body = jsonencode({ -# properties = { -# originPath = "/" - -# # customDomains = [ -# # { -# # id = data.azapi_resource.endpoint_domain.id -# # } -# # ] -# originGroup = { -# id = azapi_resource.origin_group.id -# } -# supportedProtocols = [ -# "Http", -# "Https" -# ] -# patternsToMatch = [ -# local.route_path -# ] -# forwardingProtocol = "MatchRequest" -# linkToDefaultDomain = "Enabled" -# httpsRedirect = "Enabled" -# enabledState = "Enabled" -# } -# }) - -# # depends_on = [ -# # azapi_resource.origin_group, -# # ] - -# } - -resource "random_id" "id" { - byte_length = 8 -} - -resource "azurerm_resource_group_template_deployment" "origin_route" { - name = "${var.name}_deployment_${random_id.id.hex}" - resource_group_name = "${var.resource_group_name}" - deployment_mode = "Incremental" - parameters_content = jsonencode({ - "frontdoor_name" = { - value = var.front_door_name - } - "endpoint_name" = { - value = var.endpoint_name - } - "route_name" = { - value = var.name - } - "route_path" = { - value = local.route_path - } - "origin_path" = { - value = local.origin_path - } - "origin_group_name" = { - value = azapi_resource.origin_group.name - } - "endpoint_domain_name" = { - value = replace(var.endpoint_domain_name,".","-") - } - }) - template_content = <